[squid-users] Reverse Proxy config chain SSL Cert files

From: Calvin Park <carrot_at_carrotis.com>
Date: Tue, 23 Jun 2009 17:36:52 +0900

Hello Squid users.

I am using on squid 3.0 Stable15.
I try to make SSL reverse proxy.
My config file is below.

https_port 443 cert=domain.crt key=domain.key
clientca=UTNAddTrustServerCA.crt defaultsite=www.test.com vhost
cache_peer 1.1.1.1 parent 443 0 no-query originserver sslflags=DONT_VERIFY_PEER

And start squid

/etc/init.d/squid start
* Starting Squid HTTP proxy squid
* Creating squid cache structure
Enter PEM pass phrase:

and enter my pass. It's Ok.

root_at_virt:/var/log/squid# lsof -i TCP:443
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
squid 24010 proxy 15u IPv4 1311653 TCP *:https (LISTEN)

and 443 port opened.

But I can't connect SSL site ( https://www.test.com. )

How can I do ?. I don't know how to setup squid about chain SSL.

I found below log. (cache.log)
2009/06/12 13:40:41| httpsAccept: Error allocating handle:
error:140BA0C3:SSL routines:SSL_new:null ssl ctx
2009/06/12 13:40:41| httpsAccept: Error allocating handle:
error:140BA0C3:SSL routines:SSL_new:null ssl ctx
2009/06/12 13:40:41| httpsAccept: Error allocating handle:
error:140BA0C3:SSL routines:SSL_new:null ssl ctx
2009/06/12 13:40:41| httpsAccept: Error allocating handle:
error:140BA0C3:SSL routines:SSL_new:null ssl ctx
Received on Tue Jun 23 2009 - 08:36:59 MDT

This archive was generated by hypermail 2.2.0 : Tue Jun 23 2009 - 12:00:03 MDT